1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd July 21, 2006 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Li name=value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113mountcritlocal for the typical system, 114and mountcritremote if the system needs remote file 115systems mounted to get access to the 116.Va local_startup 117directories; for example when 118.Pa /usr/local 119is NFS mounted. 120For 121.Pa rc.conf 122within a 123.Xr jail 8 124NETWORKING is likely to be an appropriate value. 125Extreme care should be taken when changing this value, 126and before changing it one should ensure that there are 127adequate provisions to recover from a failed boot 128(such as physical contact with the machine, 129or reliable remote console access). 130.It Va swapfile 131.Pq Vt str 132If set to 133.Dq Li NO , 134no swapfile is installed, otherwise the value is used as the full 135pathname to a file to use for additional swap space. 136.It Va apm_enable 137.Pq Vt bool 138If set to 139.Dq Li YES , 140enable support for Automatic Power Management with 141the 142.Xr apm 8 143command. 144.It Va apmd_enable 145.Pq Vt bool 146Run 147.Xr apmd 8 148to handle APM event from userland. 149This also enables support for APM. 150.It Va apmd_flags 151.Pq Vt str 152If 153.Va apmd_enable 154is set to 155.Dq Li YES , 156these are the flags to pass to the 157.Xr apmd 8 158daemon. 159.It Va devd_enable 160.Pq Vt bool 161Run 162.Xr devd 8 163to handle device added, removed or unknown events from the kernel. 164.It Va kldxref_enable 165.Pq Vt bool 166Set to 167.Dq Li NO 168by default. 169Set to 170.Dq Li YES 171to automatically rebuild 172.Pa linker.hints 173files with 174.Xr kldxref 8 175at boot time. 176.It Va kldxref_clobber 177.Pq Vt bool 178Set to 179.Dq Li NO 180by default. 181If 182.Va kldxref_enable 183is true, 184setting to 185.Dq Li YES 186will overwrite existing 187.Pa linker.hints 188files at boot time. 189Otherwise, 190only missing 191.Pa linker.hints 192files are generated. 193.It Va kldxref_module_path 194.Pq Vt str 195Empty by default. 196A semi-colon 197.Pq Ql \&; 198delimited list of paths containing 199.Xr kld 4 200modules. 201If empty, 202the contents of the 203.Va kern.module_path 204.Xr sysctl 8 205are used. 206.It Va powerd_enable 207.Pq Vt bool 208If set to 209.Dq Li YES , 210enable the system power control facility with the 211.Xr powerd 8 212daemon. 213.It Va powerd_flags 214.Pq Vt str 215If 216.Va powerd_enable 217is set to 218.Dq Li YES , 219these are the flags to pass to the 220.Xr powerd 8 221daemon. 222.It Va tmpmfs 223Controls the creation of a 224.Pa /tmp 225memory file system. 226Always happens if set to 227.Dq Li YES 228and never happens if set to 229.Dq Li NO . 230If set to anything else, a memory file system is created if 231.Pa /tmp 232is not writable. 233.It Va tmpsize 234Controls the size of a created 235.Pa /tmp 236memory file system. 237.It Va tmpmfs_flags 238Extra options passed to the 239.Xr mdmfs 8 240utility when the memory file system for 241.Pa /tmp 242is created. 243The default is 244.Dq Li "-S -M" , 245which inhibits the use of softupdates on 246.Pa /tmp 247to waste as little space as possible 248and creates a pure memory backed disk, which will never be swapped out, 249for maximum performance and system stability at low memory conditions. 250See 251.Xr mdmfs 8 252for other options you can use in 253.Va tmpmfs_flags . 254.It Va varmfs 255Controls the creation of a 256.Pa /var 257memory file system. 258Always happens if set to 259.Dq Li YES 260and never happens if set to 261.Dq Li NO . 262If set to anything else, a memory file system is created if 263.Pa /var 264is not writable. 265.It Va varsize 266Controls the size of a created 267.Pa /var 268memory file system. 269.It Va varmfs_flags 270Extra options passed to the 271.Xr mdmfs 8 272utility when the memory file system for 273.Pa /var 274is created. 275The default is 276.Dq Li "-S -M" , 277which inhibits the use of softupdates on 278.Pa /var 279to waste as little space as possible 280and creates a pure memory backed disk, which will never be swapped out, 281for maximum performance and system stability at low memory conditions. 282See 283.Xr mdmfs 8 284for other options you can use in 285.Va varmfs_flags . 286.It Va populate_var 287Controls the automatic population of the 288.Pa /var 289file system. 290Always happens if set to 291.Dq Li YES 292and never happens if set to 293.Dq Li NO . 294If set to anything else, a memory file system is created if 295.Pa /var 296is not writable. 297Note that this process requires access to certain commands in 298.Pa /usr 299before 300.Pa /usr 301is mounted on normal systems. 302.It Va cleanvar_enable 303.Pq Vt bool 304Clean the 305.Pa /var 306directory. 307.It Va local_startup 308.Pq Vt str 309List of directories to search for startup script files. 310.It Va script_name_sep 311.Pq Vt str 312The field separator to use for breaking down the list of startup script files 313into individual filenames. 314The default is a space. 315It is not necessary to change this unless there are startup scripts with names 316containing spaces. 317.It Va hostapd_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to start 322.Xr hostapd 8 323at system boot time. 324.It Va hostname 325.Pq Vt str 326The fully qualified domain name (FQDN) of this host on the network. 327This should almost certainly be set to something meaningful, even if 328there is no network connection. 329If 330.Xr dhclient 8 331is used to set the hostname via DHCP, 332this variable should be set to an empty string. 333.It Va ipv6_enable 334.Pq Vt bool 335Enable support for IPv6 networking. 336Note that this requires that the kernel has been compiled with 337.Cd "options INET6" . 338.It Va nisdomainname 339.Pq Vt str 340The NIS domain name of this host, or 341.Dq Li NO 342if NIS is not used. 343.It Va dhclient_program 344.Pq Vt str 345Path to the DHCP client program 346.Pa ( /sbin/dhclient , 347the 348.Ox 349DHCP client, 350is the default). 351.It Va dhclient_flags 352.Pq Vt str 353Additional flags to pass to the DHCP client program. 354For the 355.Ox 356DHCP client, see the 357.Xr dhclient 8 358manpage for a description of the command line options available. 359.It Va background_dhclient 360.Pq Vt bool 361Set to 362.Dq Li YES 363to start the DHCP client in background. 364This can cause trouble with applications depending on 365a working network, but it will provide a faster startup 366in many cases. 367.It Va synchronous_dhclient 368.Pq Bt bool 369Set to 370.Dq Li NO 371to start 372.Xr dhclient 8 373only in response to interface events and not synchronously at startup. 374This behavior can be overridden on a per-interface basis by replacing 375the 376.Dq Li DHCP 377keyword in the 378.Va ifconfig_ Ns Aq Ar interface 379variable with 380.Dq Li SYNCDHCP 381or 382.Dq Li NOSYNCDHCP . 383.It Va firewall_enable 384.Pq Vt bool 385Set to 386.Dq Li YES 387to load firewall rules at startup. 388If the kernel was not built with 389.Cd "options IPFIREWALL" , 390the 391.Pa ipfw.ko 392kernel module will be loaded. 393See also 394.Va ipfilter_enable . 395.It Va ipv6_firewall_enable 396.Pq Vt bool 397The IPv6 equivalent of 398.Va firewall_enable . 399Set to 400.Dq Li YES 401to load IPv6 firewall rules at startup. 402If the kernel was not built with 403.Cd "options IPV6FIREWALL" , 404the 405.Pa ipfw.ko 406kernel module will be loaded. 407.It Va firewall_script 408.Pq Vt str 409This variable specifies the full path to the firewall script to run. 410The default is 411.Pa /etc/rc.firewall . 412.It Va ipv6_firewall_script 413.Pq Vt str 414The IPv6 equivalent of 415.Va firewall_script . 416.It Va firewall_type 417.Pq Vt str 418Names the firewall type from the selection in 419.Pa /etc/rc.firewall , 420or the file which contains the local firewall ruleset. 421Valid selections from 422.Pa /etc/rc.firewall 423are: 424.Pp 425.Bl -tag -width ".Li simple" -compact 426.It Li open 427unrestricted IP access 428.It Li closed 429all IP services disabled, except via 430.Dq Li lo0 431.It Li client 432basic protection for a workstation 433.It Li simple 434basic protection for a LAN. 435.El 436.Pp 437If a filename is specified, the full path 438must be given. 439.It Va ipv6_firewall_type 440.Pq Vt str 441The IPv6 equivalent of 442.Va firewall_type . 443.It Va firewall_quiet 444.Pq Vt bool 445Set to 446.Dq Li YES 447to disable the display of firewall rules on the console during boot. 448.It Va ipv6_firewall_quiet 449.Pq Vt bool 450The IPv6 equivalent of 451.Va firewall_quiet . 452.It Va firewall_logging 453.Pq Vt bool 454Set to 455.Dq Li YES 456to enable firewall event logging. 457This is equivalent to the 458.Dv IPFIREWALL_VERBOSE 459kernel option. 460.It Va ipv6_firewall_logging 461.Pq Vt bool 462The IPv6 equivalent of 463.Va firewall_logging . 464.It Va firewall_flags 465.Pq Vt str 466Flags passed to 467.Xr ipfw 8 468if 469.Va firewall_type 470specifies a filename. 471.It Va ipv6_firewall_flags 472.Pq Vt str 473The IPv6 equivalent of 474.Va firewall_flags . 475.It Va natd_program 476.Pq Vt str 477Path to 478.Xr natd 8 . 479.It Va natd_enable 480.Pq Vt bool 481Set to 482.Dq Li YES 483to enable 484.Xr natd 8 . 485.Va firewall_enable 486must also be set to 487.Dq Li YES , 488and 489.Xr divert 4 490sockets must be enabled in the kernel. 491If the kernel was not built with 492.Cd "options IPDIVERT" , 493the 494.Pa ipdivert.ko 495kernel module will be loaded. 496.It Va natd_interface 497.Pq Vt str 498This is the name of the public interface on which 499.Xr natd 8 500should run. 501The interface may be given as an interface name or as an IP address. 502.It Va natd_flags 503.Pq Vt str 504Additional 505.Xr natd 8 506flags should be placed here. 507The 508.Fl n 509or 510.Fl a 511flag is automatically added with the above 512.Va natd_interface 513as an argument. 514.\" ----- ipfilter_enable setting -------------------------------- 515.It Va ipfilter_enable 516.Pq Vt bool 517Set to 518.Dq Li NO 519by default. 520Setting this to 521.Dq Li YES 522enables 523.Xr ipf 8 524packet filtering. 525.Pp 526Typical usage will require putting 527.Bd -literal 528ipfilter_enable="YES" 529ipnat_enable="YES" 530ipmon_enable="YES" 531ipfs_enable="YES" 532.Ed 533.Pp 534into 535.Pa /etc/rc.conf 536and editing 537.Pa /etc/ipf.rules 538and 539.Pa /etc/ipnat.rules 540appropriately. 541.Pp 542Note that 543.Va ipfilter_enable 544and 545.Va ipnat_enable 546can be enabled independently. 547.Va ipmon_enable 548and 549.Va ipfs_enable 550both require at least one of 551.Va ipfilter_enable 552and 553.Va ipnat_enable 554to be enabled. 555.Pp 556Having 557.Bd -literal 558options IPFILTER 559options IPFILTER_LOG 560options IPFILTER_DEFAULT_BLOCK 561.Ed 562.Pp 563in the kernel configuration file is a good idea, too. 564.\" ----- ipfilter_program setting ------------------------------ 565.It Va ipfilter_program 566.Pq Vt str 567Path to 568.Xr ipf 8 569(default 570.Pa /sbin/ipf ) . 571.\" ----- ipfilter_rules setting -------------------------------- 572.It Va ipfilter_rules 573.Pq Vt str 574Set to 575.Pa /etc/ipf.rules 576by default. 577This variable contains the name of the filter rule definition file. 578The file is expected to be readable for the 579.Xr ipf 8 580command to execute. 581.\" ----- ipv6_ipfilter_rules setting --------------------------- 582.It Va ipv6_ipfilter_rules 583.Pq Vt str 584Set to 585.Pa /etc/ipf6.rules 586by default. 587This variable contains the IPv6 filter rule definition file. 588The file is expected to be readable for the 589.Xr ipf 8 590command to execute. 591.\" ----- ipfilter_flags setting -------------------------------- 592.It Va ipfilter_flags 593.Pq Vt str 594Empty by default. 595This variable contains flags passed to the 596.Xr ipf 8 597program. 598.\" ----- ipnat_enable setting ---------------------------------- 599.It Va ipnat_enable 600.Pq Vt bool 601Set to 602.Dq Li NO 603by default. 604Set it to 605.Dq Li YES 606to enable 607.Xr ipnat 8 608network address translation. 609See 610.Va ipfilter_enable 611for a detailed discussion. 612.\" ----- ipnat_program setting --------------------------------- 613.It Va ipnat_program 614.Pq Vt str 615Path to 616.Xr ipnat 8 617(default 618.Pa /sbin/ipnat ) . 619.\" ----- ipnat_rules setting ----------------------------------- 620.It Va ipnat_rules 621.Pq Vt str 622Set to 623.Pa /etc/ipnat.rules 624by default. 625This variable contains the name of the file 626holding the network address translation definition. 627This file is expected to be readable for the 628.Xr ipnat 8 629command to execute. 630.\" ----- ipnat_flags setting ----------------------------------- 631.It Va ipnat_flags 632.Pq Vt str 633Empty by default. 634This variable contains flags passed to the 635.Xr ipnat 8 636program. 637.\" ----- ipmon_enable setting ---------------------------------- 638.It Va ipmon_enable 639.Pq Vt bool 640Set to 641.Dq Li NO 642by default. 643Set it to 644.Dq Li YES 645to enable 646.Xr ipmon 8 647monitoring (logging 648.Xr ipf 8 649and 650.Xr ipnat 8 651events). 652Setting this variable needs setting 653.Va ipfilter_enable 654or 655.Va ipnat_enable 656too. 657See 658.Va ipfilter_enable 659for a detailed discussion. 660.\" ----- ipmon_program setting --------------------------------- 661.It Va ipmon_program 662.Pq Vt str 663Path to 664.Xr ipmon 8 665(default 666.Pa /sbin/ipmon ) . 667.\" ----- ipmon_flags setting ----------------------------------- 668.It Va ipmon_flags 669.Pq Vt str 670Set to 671.Dq Li -Ds 672by default. 673This variable contains flags passed to the 674.Xr ipmon 8 675program. 676Another typical example would be 677.Dq Fl D Pa /var/log/ipflog 678to have 679.Xr ipmon 8 680log directly to a file bypassing 681.Xr syslogd 8 . 682Make sure to adjust 683.Pa /etc/newsyslog.conf 684in such case like this: 685.Bd -literal 686/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 687.Ed 688.\" ----- ipfs_enable setting ----------------------------------- 689.It Va ipfs_enable 690.Pq Vt bool 691Set to 692.Dq Li NO 693by default. 694Set it to 695.Dq Li YES 696to enable 697.Xr ipfs 8 698saving the filter and NAT state tables during shutdown 699and reloading them during startup again. 700Setting this variable needs setting 701.Va ipfilter_enable 702or 703.Va ipnat_enable 704to 705.Dq Li YES 706too. 707See 708.Va ipfilter_enable 709for a detailed discussion. 710Note that if 711.Va kern_securelevel 712is set to 3, 713.Va ipfs_enable 714cannot be used 715because the raised securelevel will prevent 716.Xr ipfs 8 717from saving the state tables at shutdown time. 718.\" ----- ipfs_program setting ---------------------------------- 719.It Va ipfs_program 720.Pq Vt str 721Path to 722.Xr ipfs 8 723(default 724.Pa /sbin/ipfs ) . 725.\" ----- ipfs_flags setting ------------------------------------ 726.It Va ipfs_flags 727.Pq Vt str 728Empty by default. 729This variable contains flags passed to the 730.Xr ipfs 8 731program. 732.\" ----- end of added ipf hook --------------------------------- 733.It Va pf_enable 734.Pq Vt bool 735Set to 736.Dq Li NO 737by default. 738Setting this to 739.Dq Li YES 740enables 741.Xr pf 4 742packet filtering. 743.Pp 744Typical usage will require putting 745.Pp 746.Dl pf_enable="YES" 747.Pp 748into 749.Pa /etc/rc.conf 750and editing 751.Pa /etc/pf.conf 752appropriately. 753.Pp 754.Dl "device pf" 755.Pp 756builds 757.Xr pf 4 758into the kernel. 759Otherwise it is loaded from a module. 760.It Va pf_rules 761.Pq Vt str 762Path to 763.Xr pf 4 764ruleset configuration file 765(default 766.Pa /etc/pf.conf ) . 767.It Va pf_program 768.Pq Vt str 769Path to 770.Xr pfctl 8 771(default 772.Pa /sbin/pfctl ) . 773.It Va pf_flags 774.Pq Vt str 775If 776.Va pf_enable 777is set to 778.Dq Li YES , 779these flags are passed to the 780.Xr pfctl 8 781program when loading the ruleset. 782.It Va pflog_enable 783.Pq Vt bool 784Set to 785.Dq Li NO 786by default. 787Setting this to 788.Dq Li YES 789enables 790.Xr pflogd 8 791which logs packets from the 792.Xr pf 4 793packet filter. 794.It Va pflog_logfile 795.Pq Vt str 796If 797.Va pflog_enable 798is set to 799.Dq Li YES 800this controls where 801.Xr pflogd 8 802stores the logfile 803(default 804.Pa /var/log/pflog ) . 805Check 806.Pa /etc/newsyslog.conf 807to adjust logfile rotation for this. 808.It Va pflog_program 809.Pq Vt str 810Path to 811.Xr pflogd 8 812(default 813.Pa /sbin/pflogd ) . 814.It Va pflog_flags 815.Pq Vt str 816Empty by default. 817This variable contains additional flags passed to the 818.Xr pflogd 8 819program. 820.It Va pfsync_enable 821.Pq Vt bool 822Set to 823.Dq Li NO 824by default. 825Setting this to 826.Dq Li YES 827enables exposing 828.Xr pf 4 829state changes to other hosts over the network by means of 830.Xr pfsync 4 . 831The 832.Va pfsync_syncdev 833variable 834must also be set then. 835.It Va pfsync_syncdev 836.Pq Vt str 837Empty by default. 838This variable specifies the name of the network interface 839.Xr pfsync 4 840should operate through. 841It must be set accordingly if 842.Va pfsync_enable 843is set to 844.Dq Li YES . 845.It Va pfsync_ifconfig 846.Pq Vt str 847Empty by default. 848This variable can contain additional options to be passed to the 849.Xr ifconfig 8 850command used to set up 851.Xr pfsync 4 . 852.It Va tcp_extensions 853.Pq Vt bool 854Set to 855.Dq Li YES 856by default. 857Setting this to 858.Dq Li NO 859disables certain TCP options as described by 860.Rs 861.%T "RFC 1323" 862.Re 863Setting this to 864.Dq Li NO 865might help remedy such problems with connections as randomly hanging 866or other weird behavior. 867Some network devices are known 868to be broken with respect to these options. 869.It Va log_in_vain 870.Pq Vt int 871Set to 0 by default. 872The 873.Xr sysctl 8 874variables, 875.Va net.inet.tcp.log_in_vain 876and 877.Va net.inet.udp.log_in_vain , 878as described in 879.Xr tcp 4 880and 881.Xr udp 4 , 882are set to the given value. 883.It Va tcp_keepalive 884.Pq Vt bool 885Set to 886.Dq Li YES 887by default. 888Setting to 889.Dq Li NO 890will disable probing idle TCP connections to verify that the 891peer is still up and reachable. 892.It Va tcp_drop_synfin 893.Pq Vt bool 894Set to 895.Dq Li NO 896by default. 897Setting to 898.Dq Li YES 899will cause the kernel to ignore TCP frames that have both 900the SYN and FIN flags set. 901This prevents OS fingerprinting, but may 902break some legitimate applications. 903This option is only available if the 904kernel was built with the 905.Dv TCP_DROP_SYNFIN 906option. 907.It Va icmp_drop_redirect 908.Pq Vt bool 909Set to 910.Dq Li NO 911by default. 912Setting to 913.Dq Li YES 914will cause the kernel to ignore ICMP REDIRECT packets. 915Refer to 916.Xr icmp 4 917for more information. 918.It Va icmp_log_redirect 919.Pq Vt bool 920Set to 921.Dq Li NO 922by default. 923Setting to 924.Dq Li YES 925will cause the kernel to log ICMP REDIRECT packets. 926Note that 927the log messages are not rate-limited, so this option should only be used 928for troubleshooting networks. 929Refer to 930.Xr icmp 4 931for more information. 932.It Va icmp_bmcastecho 933.Pq Vt bool 934Set to 935.Dq Li YES 936to respond to broadcast or multicast ICMP ping packets. 937Refer to 938.Xr icmp 4 939for more information. 940.It Va ip_portrange_first 941.Pq Vt int 942If not set to 943.Dq Li NO , 944this is the first port in the default portrange. 945Refer to 946.Xr ip 4 947for more information. 948.It Va ip_portrange_last 949.Pq Vt int 950If not set to 951.Dq Li NO , 952this is the last port in the default portrange. 953Refer to 954.Xr ip 4 955for more information. 956.It Va network_interfaces 957.Pq Vt str 958Set to the list of network interfaces to configure on this host or 959.Dq Li AUTO 960(the default) for all current interfaces. 961Setting the 962.Va network_interfaces 963variable to anything other than the default is deprecated. 964Interfaces that the administrator wishes to store configration for, 965but not start at boot should be configured with the 966.Dq Li NOAUTO 967keyword in their 968.Va ifconfig_ Ns Aq Ar interface 969variables as described below. 970.Pp 971An 972.Va ifconfig_ Ns Aq Ar interface 973variable is also assumed to exist for each value of 974.Ar interface . 975When an interface name contains any of the characters 976.Dq Li .-/+ 977they are translated to 978.Dq Li _ 979before lookup. 980The variable can contain arguments to 981.Xr ifconfig 8 , 982as well as special case-insensitive keywords described below. 983Such keywords are removed before passing the value to 984.Xr ifconfig 8 985while the order of the other arguments is preserved. 986.Pp 987One can configure more than one IPv4 address with the 988.Va ipv4_addrs_ Ns Aq Ar interface 989variable. 990One or more IP addresses must be provided in Classless Inter-Domain 991Routing (CIDR) address notation, whose last byte can be a range like 992192.168.0.5-23/24. 993In this case the address 192.168.0.5 will be configured with the 994netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 995the non-conflicting netmask /32 as explained in the 996.Xr ifconfig 8 997alias section. 998With the interface in question being 999.Li ed0 , 1000an example could look like: 1001.Bd -literal 1002ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 1003.Ed 1004.Pp 1005It is also possible to add IP alias entries using 1006.Xr ifconfig 8 1007syntax. 1008Assuming that the interface in question was 1009.Li ed0 , 1010it might look 1011something like this: 1012.Bd -literal 1013ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1014ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1015.Ed 1016.Pp 1017And so on. 1018For each 1019.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1020entry that is found, 1021its contents are passed to 1022.Xr ifconfig 8 . 1023Execution stops at the first unsuccessful access, so if 1024something like this is present: 1025.Bd -literal 1026ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1027ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1028ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1029ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1030.Ed 1031.Pp 1032Then note that alias4 would 1033.Em not 1034be added since the search would 1035stop with the missing 1036.Dq Li alias3 1037entry. 1038Due to this difficult to manage behavior, the 1039.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1040form is deprecated. 1041.Pp 1042If the 1043.Pa /etc/start_if. Ns Aq Ar interface 1044file is present, it is read and executed by the 1045.Xr sh 1 1046interpreter 1047before configuring the interface as specified in the 1048.Va ifconfig_ Ns Aq Ar interface 1049and 1050.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1051variables. 1052.Pp 1053If the 1054.Va ifconfig_ Ns Aq Ar interface 1055contains the keyword 1056.Dq Li NOAUTO 1057then the interface will not be configured 1058at boot or by 1059.Pa /etc/pccard_ether 1060when 1061.Va network_interfaces 1062is set to 1063.Dq Li AUTO . 1064.Pp 1065It is possible to bring up an interface with DHCP by adding 1066.Dq Li DHCP 1067to the 1068.Va ifconfig_ Ns Aq Ar interface 1069variable. 1070For instance, to initialize the 1071.Li ed0 1072device via DHCP, 1073it is possible to use something like: 1074.Bd -literal 1075ifconfig_ed0="DHCP" 1076.Ed 1077.Pp 1078Also, if your interface needs WPA authentication, it is possible to add 1079.Dq Li WPA 1080to the 1081.Va ifconfig_ Ns Aq Ar interface 1082variable. 1083.Pp 1084Finally, you can add 1085.Xr ifconfig 8 1086options in this variable, in addition to the 1087.Pa /etc/start_if. Ns Aq Ar interface 1088file. 1089For instance, to initialize the 1090.Li wi0 1091device via DHCP, using WPA authentication and 802.11b mode, it is 1092possible to use something like: 1093.Bd -literal 1094ifconfig_wi0="DHCP WPA mode 11b" 1095.Ed 1096.Pp 1097In addition to the 1098.Va ifconfig_ Ns Aq Ar interface 1099form, a fallback variable 1100.Va ifconfig_DEFAULT 1101may be configured. 1102It will be used for all interfaces with no 1103.Va ifconfig_ Ns Aq Ar interface 1104variable. 1105This is intended to replace the no longer supported 1106.Va pccard_ifconfig 1107variable. 1108.Pp 1109It is also possible to rename interface by doing: 1110.Bd -literal 1111ifconfig_ed0_name="net0" 1112ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1113.Ed 1114.It Va ipv6_network_interfaces 1115.Pq Vt str 1116This is the IPv6 equivalent of 1117.Va network_interfaces . 1118Instead of setting the ifconfig variables as 1119.Va ifconfig_ Ns Aq Ar interface 1120they should be set as 1121.Va ipv6_ifconfig_ Ns Aq Ar interface . 1122Aliases should be set as 1123.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1124.Va ipv6_prefix_ Ns Aq Ar interface 1125does something. 1126Interfaces that do not have a 1127.Va ipv6_ifconfig_ Ns Aq Ar interface 1128setting will be auto configured by 1129.Xr rtsol 8 1130if the 1131.Va ipv6_gateway_enable 1132is set to 1133.Dq Li NO . 1134Note that the IPv6 networking code does not support the 1135.Pa /etc/start_if. Ns Aq Ar interface 1136files. 1137.It Va ipv6_default_interface 1138.Pq Vt str 1139If not set to 1140.Dq Li NO , 1141this is the default output interface for scoped addresses. 1142Now this works only for IPv6 link local multicast addresses. 1143.It Va cloned_interfaces 1144.Pq Vt str 1145Set to the list of clonable network interfaces to create on this host. 1146Entries in 1147.Va cloned_interfaces 1148are automatically appended to 1149.Va network_interfaces 1150for configuration. 1151.It Va gif_interfaces 1152.Pq Vt str 1153Set to the list of 1154.Xr gif 4 1155tunnel interfaces to configure on this host. 1156A 1157.Va gifconfig_ Ns Aq Ar interface 1158variable is assumed to exist for each value of 1159.Ar interface . 1160The value of this variable is used to configure the link layer of the 1161tunnel according to the syntax of the 1162.Cm tunnel 1163option to 1164.Xr ifconfig 8 . 1165Additionally, this option ensures that each listed interface is created 1166via the 1167.Cm create 1168option to 1169.Xr ifconfig 8 1170before attempting to configure it. 1171.It Va sppp_interfaces 1172.Pq Vt str 1173Set to the list of 1174.Xr sppp 4 1175interfaces to configure on this host. 1176A 1177.Va spppconfig_ Ns Aq Ar interface 1178variable is assumed to exist for each value of 1179.Ar interface . 1180Each interface should also be configured by a general 1181.Va ifconfig_ Ns Aq Ar interface 1182setting. 1183Refer to 1184.Xr spppcontrol 8 1185for more information about available options. 1186.It Va ppp_enable 1187.Pq Vt bool 1188If set to 1189.Dq Li YES , 1190run the 1191.Xr ppp 8 1192daemon. 1193.It Va ppp_mode 1194.Pq Vt str 1195Mode in which to run the 1196.Xr ppp 8 1197daemon. 1198Accepted modes are 1199.Dq Li auto , 1200.Dq Li ddial , 1201.Dq Li direct 1202and 1203.Dq Li dedicated . 1204See the manual for a full description. 1205.It Va ppp_nat 1206.Pq Vt bool 1207If set to 1208.Dq Li YES , 1209enables network address translation. 1210Used in conjunction with 1211.Va gateway_enable 1212allows hosts on private network addresses access to the Internet using 1213this host as a network address translating router. 1214.It Va ppp_profile 1215.Pq Vt str 1216The name of the profile to use from 1217.Pa /etc/ppp/ppp.conf . 1218.It Va ppp_user 1219.Pq Vt str 1220The name of the user under which 1221.Xr ppp 8 1222should be started. 1223By 1224default, 1225.Xr ppp 8 1226is started as 1227.Dq Li root . 1228.It Va rc_conf_files 1229.Pq Vt str 1230This option is used to specify a list of files that will override 1231the settings in 1232.Pa /etc/defaults/rc.conf . 1233The files will be read in the order in which they are specified and should 1234include the full path to the file. 1235By default, the files specified are 1236.Pa /etc/rc.conf 1237and 1238.Pa /etc/rc.conf.local 1239.It Va gbde_autoattach_all 1240.Pq Vt bool 1241If set to 1242.Dq Li YES , 1243.Pa /etc/rc.d/gbde 1244will attempt to automatically initialize your .bde devices in 1245.Pa /etc/fstab . 1246.It Va gbde_devices 1247.Pq Vt str 1248List the devices that the script should try to attach, 1249or 1250.Dq Li AUTO . 1251.It Va gbde_lockdir 1252.Pq Vt str 1253The directory where the 1254.Xr gbde 4 1255lockfiles are located. 1256The default lockfile directory is 1257.Pa /etc . 1258.Pp 1259The lockfile for each individual 1260.Xr gbde 4 1261device can be overridden by setting the variable 1262.Va gbde_lock_ Ns Aq Ar device , 1263where 1264.Ar device 1265is the encrypted device without the 1266.Dq Pa /dev/ 1267and 1268.Dq Pa .bde 1269parts. 1270.It Va gbde_attach_attempts 1271.Pq Vt int 1272Number of times to attempt attaching to a 1273.Xr gbde 4 1274device, i.e., how many times the user is asked for the pass-phrase. 1275Default is 3. 1276.It Va geli_devices 1277.Pq Vt str 1278List of devices to automatically attach on boot. 1279Note that .eli devices from 1280.Pa /etc/fstab 1281are automatically appended to this list. 1282.It Va geli_tries 1283.Pq Vt int 1284Number of times user is asked for the pass-phrase. 1285If empty, it will be taken from 1286.Va kern.geom.eli.tries 1287sysctl variable. 1288.It Va geli_default_flags 1289.Pq Vt str 1290Default flags to use by 1291.Xr geli 8 1292when configuring disk encryption. 1293Flags can be configured for every device separately by defining 1294.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1295variable. 1296.It Va geli_autodetach 1297.Pq Vt str 1298Specifies if GELI devices should be marked for detach on last close after 1299file systems are mounted. 1300Default is 1301.Dq Li YES . 1302This can be changed for every device separately by defining 1303.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1304variable. 1305.It Va geli_swap_flags 1306Options passed to the 1307.Xr geli 8 1308utility when encrypted GEOM providers for swap partitions are created. 1309The default is 1310.Dq Li "-a aes -l 256 -s 4096 -d" . 1311.It Va root_rw_mount 1312.Pq Vt bool 1313Set to 1314.Dq Li YES 1315by default. 1316After the file systems are checked at boot time, the root file system 1317is remounted as read-write if this is set to 1318.Dq Li YES . 1319Diskless systems that mount their root file system from a read-only remote 1320NFS share should set this to 1321.Dq Li NO 1322in their 1323.Pa rc.conf . 1324.It Va fsck_y_enable 1325.Pq Vt bool 1326If set to 1327.Dq Li YES , 1328.Xr fsck 8 1329will be run with the 1330.Fl y 1331flag if the initial preen 1332of the file systems fails. 1333.It Va background_fsck 1334.Pq Vt bool 1335If set to 1336.Dq Li YES , 1337the system will attempt to run 1338.Xr fsck 8 1339in the background where possible. 1340.It Va background_fsck_delay 1341.Pq Vt int 1342The amount of time in seconds to sleep before starting a background 1343.Xr fsck 8 . 1344It defaults to sixty seconds to allow large applications such as 1345the X server to start before disk I/O bandwidth is monopolized by 1346.Xr fsck 8 . 1347.It Va netfs_types 1348.Pq Vt str 1349List of file system types that are network-based. 1350This list should generally not be modified by end users. 1351Use 1352.Va extra_netfs_types 1353instead. 1354.It Va extra_netfs_types 1355.Pq Vt str 1356If set to something other than 1357.Dq Li NO 1358(the default), 1359this variable extends the list of file system types 1360for which automatic mounting at startup by 1361.Xr rc 8 1362should be delayed until the network is initialized. 1363It should contain 1364a whitespace-separated list of network file system descriptor pairs, 1365each consisting of a file system type as passed to 1366.Xr mount 8 1367and a human-readable, one-word description, 1368joined with a colon 1369.Pq Ql \&: . 1370Extending the default list in this way is only necessary 1371when third party file system types are used. 1372.It Va syslogd_enable 1373.Pq Vt bool 1374If set to 1375.Dq Li YES , 1376run the 1377.Xr syslogd 8 1378daemon. 1379.It Va syslogd_program 1380.Pq Vt str 1381Path to 1382.Xr syslogd 8 1383(default 1384.Pa /usr/sbin/syslogd ) . 1385.It Va syslogd_flags 1386.Pq Vt str 1387If 1388.Va syslogd_enable 1389is set to 1390.Dq Li YES , 1391these are the flags to pass to 1392.Xr syslogd 8 . 1393.It Va inetd_enable 1394.Pq Vt bool 1395If set to 1396.Dq Li YES , 1397run the 1398.Xr inetd 8 1399daemon. 1400.It Va inetd_program 1401.Pq Vt str 1402Path to 1403.Xr inetd 8 1404(default 1405.Pa /usr/sbin/inetd ) . 1406.It Va inetd_flags 1407.Pq Vt str 1408If 1409.Va inetd_enable 1410is set to 1411.Dq Li YES , 1412these are the flags to pass to 1413.Xr inetd 8 . 1414.It Va named_enable 1415.Pq Vt bool 1416If set to 1417.Dq Li YES , 1418run the 1419.Xr named 8 1420daemon. 1421.It Va named_program 1422.Pq Vt str 1423Path to 1424.Xr named 8 1425(default 1426.Pa /usr/sbin/named ) . 1427.It Va named_flags 1428.Pq Vt str 1429If 1430.Va named_enable 1431is set to 1432.Dq Li YES , 1433these are the flags to pass to 1434.Xr named 8 . 1435.It Va named_pidfile 1436.Pq Vt str 1437This is the default path to the 1438.Xr named 8 1439daemon's PID file. 1440This must match the location in 1441.Xr named.conf 5 . 1442.It Va named_uid 1443.Pq Vt str 1444The user that the named process should be run as. 1445.It Va named_chrootdir 1446.Pq Vt str 1447The root directory for a name server run in a 1448.Xr chroot 8 1449environment (default 1450.Pa /var/named ) . 1451If left empty 1452.Xr named 8 1453will not be run in a 1454.Xr chroot 8 1455environment. 1456.It Va named_chroot_autoupdate 1457.Pq Vt bool 1458Set to 1459.Dq Li NO 1460to disable automatic update of the 1461.Xr chroot 8 1462environment. 1463.It Va named_symlink_enable 1464.Pq Vt bool 1465Set to 1466.Dq Li NO 1467to disable symlinking of 1468daemon's PID file 1469into the 1470.Xr chroot 8 1471environment. 1472.It Va kerberos5_server_enable 1473.Pq Vt bool 1474Set to 1475.Dq Li YES 1476to start a Kerberos 5 authentication server 1477at boot time. 1478.It Va kerberos5_server 1479.Pq Vt str 1480If 1481.Va kerberos5_server_enable 1482is set to 1483.Dq Li YES 1484this is the path to Kerberos 5 Authentication Server. 1485.It Va kerberos5_server_flags 1486.Pq Vt str 1487Empty by default. 1488This variable contains additional flags to be passed to the Kerberos 5 1489authentication server. 1490.It Va kadmind5_server_enable 1491.Pq Vt bool 1492Set to 1493.Dq Li YES 1494to start 1495.Xr kadmind 8 , 1496the Kerberos 5 Administration Daemon; set to 1497.Dq Li NO 1498on a slave server. 1499.It Va kadmind5_server 1500.Pq Vt str 1501If 1502.Va kadmind5_server_enable 1503is set to 1504.Dq Li YES 1505this is the path to Kerberos 5 Administration Daemon. 1506.It Va kpasswdd_server_enable 1507.Pq Vt bool 1508Set to 1509.Dq Li YES 1510to start 1511.Xr kpasswdd 8 , 1512the Kerberos 5 Password-Changing Daemon; set to 1513.Dq Li NO 1514on a slave server. 1515.It Va kpasswdd_server 1516.Pq Vt str 1517If 1518.Va kpasswdd_server_enable 1519is set to 1520.Dq Li YES 1521this is the path to Kerberos 5 Password-Changing Daemon. 1522.It Va rwhod_enable 1523.Pq Vt bool 1524If set to 1525.Dq Li YES , 1526run the 1527.Xr rwhod 8 1528daemon at boot time. 1529.It Va rwhod_flags 1530.Pq Vt str 1531If 1532.Va rwhod_enable 1533is set to 1534.Dq Li YES , 1535these are the flags to pass to it. 1536.It Va amd_enable 1537.Pq Vt bool 1538If set to 1539.Dq Li YES , 1540run the 1541.Xr amd 8 1542daemon at boot time. 1543.It Va amd_flags 1544.Pq Vt str 1545If 1546.Va amd_enable 1547is set to 1548.Dq Li YES , 1549these are the flags to pass to it. 1550See the 1551.Xr amd 8 1552manpage for more information. 1553.It Va amd_map_program 1554.Pq Vt str 1555If set, 1556the specified program is run to get the list of 1557.Xr amd 8 1558maps. 1559For example, if the 1560.Xr amd 8 1561maps are stored in NIS, one can set this to 1562run 1563.Xr ypcat 1 1564to get a list of 1565.Xr amd 8 1566maps from the 1567.Pa amd.master 1568NIS map. 1569.It Va update_motd 1570.Pq Vt bool 1571If set to 1572.Dq Li YES , 1573.Pa /etc/motd 1574will be updated at boot time to reflect the kernel release 1575being run. 1576If set to 1577.Dq Li NO , 1578.Pa /etc/motd 1579will not be updated. 1580.It Va nfs_client_enable 1581.Pq Vt bool 1582If set to 1583.Dq Li YES , 1584run the NFS client daemons at boot time. 1585.It Va nfs_access_cache 1586.Pq Vt int 1587If 1588.Va nfs_client_enable 1589is set to 1590.Dq Li YES , 1591this can be set to 1592.Dq Li 0 1593to disable NFS ACCESS RPC caching, or to the number of seconds for which 1594NFS ACCESS 1595results should be cached. 1596A value of 2-10 seconds will substantially reduce network 1597traffic for many NFS operations. 1598.It Va nfs_server_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES , 1602run the NFS server daemons at boot time. 1603.It Va nfs_server_flags 1604.Pq Vt str 1605If 1606.Va nfs_server_enable 1607is set to 1608.Dq Li YES , 1609these are the flags to pass to the 1610.Xr nfsd 8 1611daemon. 1612.It Va mountd_enable 1613.Pq Vt bool 1614If set to 1615.Dq Li YES , 1616and no 1617.Va nfs_server_enable 1618is set, start 1619.Xr mountd 8 , 1620but not 1621.Xr nfsd 8 1622daemon. 1623It is commonly needed to run CFS without real NFS used. 1624.It Va mountd_flags 1625.Pq Vt str 1626If 1627.Va mountd_enable 1628is set to 1629.Dq Li YES , 1630these are the flags to pass to the 1631.Xr mountd 8 1632daemon. 1633.It Va weak_mountd_authentication 1634.Pq Vt bool 1635If set to 1636.Dq Li YES , 1637allow services like PCNFSD to make non-privileged mount 1638requests. 1639.It Va nfs_reserved_port_only 1640.Pq Vt bool 1641If set to 1642.Dq Li YES , 1643provide NFS services only on a secure port. 1644.It Va nfs_bufpackets 1645.Pq Vt int 1646If set to a number, indicates the number of packets worth of 1647socket buffer space to reserve on an NFS client. 1648The kernel default is typically 4. 1649Using a higher number may be 1650useful on gigabit networks to improve performance. 1651The minimum value is 16522 and the maximum is 64. 1653.It Va rpc_lockd_enable 1654.Pq Vt bool 1655If set to 1656.Dq Li YES 1657and also an NFS server or client, run 1658.Xr rpc.lockd 8 1659at boot time. 1660.It Va rpc_statd_enable 1661.Pq Vt bool 1662If set to 1663.Dq Li YES 1664and also an NFS server or client, run 1665.Xr rpc.statd 8 1666at boot time. 1667.It Va rpcbind_program 1668.Pq Vt str 1669Path to 1670.Xr rpcbind 8 1671(default 1672.Pa /usr/sbin/rpcbind ) . 1673.It Va rpcbind_enable 1674.Pq Vt bool 1675If set to 1676.Dq Li YES , 1677run the 1678.Xr rpcbind 8 1679service at boot time. 1680.It Va rpcbind_flags 1681.Pq Vt str 1682If 1683.Va rpcbind_enable 1684is set to 1685.Dq Li YES , 1686these are the flags to pass to the 1687.Xr rpcbind 8 1688daemon. 1689.It Va keyserv_enable 1690.Pq Vt bool 1691If set to 1692.Dq Li YES , 1693run the 1694.Xr keyserv 8 1695daemon on boot for running Secure RPC. 1696.It Va keyserv_flags 1697.Pq Vt str 1698If 1699.Va keyserv_enable 1700is set to 1701.Dq Li YES , 1702these are the flags to pass to 1703.Xr keyserv 8 1704daemon. 1705.It Va pppoed_enable 1706.Pq Vt bool 1707If set to 1708.Dq Li YES , 1709run the 1710.Xr pppoed 8 1711daemon at boot time to provide PPP over Ethernet services. 1712.It Va pppoed_ Ns Ar provider 1713.Pq Vt str 1714.Xr pppoed 8 1715listens to requests to this 1716.Ar provider 1717and ultimately runs 1718.Xr ppp 8 1719with a 1720.Ar system 1721argument of the same name. 1722.It Va pppoed_flags 1723.Pq Vt str 1724Additional flags to pass to 1725.Xr pppoed 8 . 1726.It Va pppoed_interface 1727.Pq Vt str 1728The network interface to run 1729.Xr pppoed 8 1730on. 1731This is mandatory when 1732.Va pppoed_enable 1733is set to 1734.Dq Li YES . 1735.It Va timed_enable 1736.Pq Vt bool 1737If set to 1738.Dq Li YES , 1739run the 1740.Xr timed 8 1741service at boot time. 1742This command is intended for networks of 1743machines where a consistent 1744.Dq "network time" 1745for all hosts must be established. 1746This is often useful in large NFS 1747environments where time stamps on files are expected to be consistent 1748network-wide. 1749.It Va timed_flags 1750.Pq Vt str 1751If 1752.Va timed_enable 1753is set to 1754.Dq Li YES , 1755these are the flags to pass to the 1756.Xr timed 8 1757service. 1758.It Va ntpdate_enable 1759.Pq Vt bool 1760If set to 1761.Dq Li YES , 1762run 1763.Xr ntpdate 8 1764at system startup. 1765This command is intended to 1766synchronize the system clock only 1767.Em once 1768from some standard reference. 1769An option to set this up initially 1770(from a list of known servers) is also provided by the 1771.Xr sysinstall 8 1772program when the system is first installed. 1773.It Va ntpdate_config 1774Configuration file for 1775.Xr ntpdate 8 . 1776.Pq Vt str 1777(default 1778.Pa /etc/ntp.conf ). 1779.It Va ntpdate_hosts 1780.Pq Vt str 1781A whitespace-separated list of NTP servers to synchronize with at startup. 1782The default is to use the servers listed in 1783.Va ntpdate_config , 1784if that file exists. 1785.It Va ntpdate_program 1786.Pq Vt str 1787Path to 1788.Xr ntpdate 8 1789(default 1790.Pa /usr/sbin/ntpdate ) . 1791.It Va ntpdate_flags 1792.Pq Vt str 1793If 1794.Va ntpdate_enable 1795is set to 1796.Dq Li YES , 1797these are the flags to pass to the 1798.Xr ntpdate 8 1799command (typically a hostname). 1800.It Va ntpd_enable 1801.Pq Vt bool 1802If set to 1803.Dq Li YES , 1804run the 1805.Xr ntpd 8 1806command at boot time. 1807.It Va ntpd_program 1808.Pq Vt str 1809Path to 1810.Xr ntpd 8 1811(default 1812.Pa /usr/sbin/ntpd ) . 1813.It Va ntpd_config 1814.Pq Vt str 1815Path to 1816.Xr ntpd 8 1817configuration file. 1818(default 1819.Pa /etc/ntp.conf ) . 1820.It Va ntpd_flags 1821.Pq Vt str 1822If 1823.Va ntpd_enable 1824is set to 1825.Dq Li YES , 1826these are the flags to pass to the 1827.Xr ntpd 8 1828daemon. 1829.It Va ntpd_sync_on_start 1830.Pq Vt bool 1831If set to 1832.Dq Li YES , 1833.Xr ntpd 8 1834is run with the 1835.Fl g 1836flag, which syncs the system's clock on startup. 1837See 1838.Xr ntpd 8 1839for more information regarding the 1840.Fl g 1841option. 1842This is a preferred alternative to using 1843.Xr ntpdate 8 1844or specifying the 1845.Va ntpdate_enable 1846variable. 1847.It Va nis_client_enable 1848.Pq Vt bool 1849If set to 1850.Dq Li YES , 1851run the 1852.Xr ypbind 8 1853service at system boot time. 1854.It Va nis_client_flags 1855.Pq Vt str 1856If 1857.Va nis_client_enable 1858is set to 1859.Dq Li YES , 1860these are the flags to pass to the 1861.Xr ypbind 8 1862service. 1863.It Va nis_ypset_enable 1864.Pq Vt bool 1865If set to 1866.Dq Li YES , 1867run the 1868.Xr ypset 8 1869daemon at system boot time. 1870.It Va nis_ypset_flags 1871.Pq Vt str 1872If 1873.Va nis_ypset_enable 1874is set to 1875.Dq Li YES , 1876these are the flags to pass to the 1877.Xr ypset 8 1878daemon. 1879.It Va nis_server_enable 1880.Pq Vt bool 1881If set to 1882.Dq Li YES , 1883run the 1884.Xr ypserv 8 1885daemon at system boot time. 1886.It Va nis_server_flags 1887.Pq Vt str 1888If 1889.Va nis_server_enable 1890is set to 1891.Dq Li YES , 1892these are the flags to pass to the 1893.Xr ypserv 8 1894daemon. 1895.It Va nis_ypxfrd_enable 1896.Pq Vt bool 1897If set to 1898.Dq Li YES , 1899run the 1900.Xr rpc.ypxfrd 8 1901daemon at system boot time. 1902.It Va nis_ypxfrd_flags 1903.Pq Vt str 1904If 1905.Va nis_ypxfrd_enable 1906is set to 1907.Dq Li YES , 1908these are the flags to pass to the 1909.Xr rpc.ypxfrd 8 1910daemon. 1911.It Va nis_yppasswdd_enable 1912.Pq Vt bool 1913If set to 1914.Dq Li YES , 1915run the 1916.Xr rpc.yppasswdd 8 1917daemon at system boot time. 1918.It Va nis_yppasswdd_flags 1919.Pq Vt str 1920If 1921.Va nis_yppasswdd_enable 1922is set to 1923.Dq Li YES , 1924these are the flags to pass to the 1925.Xr rpc.yppasswdd 8 1926daemon. 1927.It Va rpc_ypupdated_enable 1928.Pq Vt bool 1929If set to 1930.Dq Li YES , 1931run the 1932.Nm rpc.ypupdated 1933daemon at system boot time. 1934.It Va bsnmpd_enable 1935.Pq Vt bool 1936If set to 1937.Dq Li YES , 1938run the 1939.Xr bsnmpd 1 1940daemon at system boot time. 1941Be sure to understand the security implications of running SNMP daemon 1942on your host. 1943.It Va bsnmpd_flags 1944.Pq Vt str 1945If 1946.Va bsnmpd_enable 1947is set to 1948.Dq Li YES , 1949these are the flags to pass to the 1950.Xr bsnmpd 1 1951daemon. 1952.It Va defaultrouter 1953.Pq Vt str 1954If not set to 1955.Dq Li NO , 1956create a default route to this host name or IP address 1957(use an IP address if this router is also required to get to the 1958name server!). 1959.It Va ipv6_defaultrouter 1960.Pq Vt str 1961The IPv6 equivalent of 1962.Va defaultrouter . 1963.It Va static_routes 1964.Pq Vt str 1965Set to the list of static routes that are to be added at system 1966boot time. 1967If not set to 1968.Dq Li NO 1969then for each whitespace separated 1970.Ar element 1971in the value, a 1972.Va route_ Ns Aq Ar element 1973variable is assumed to exist 1974whose contents will later be passed to a 1975.Dq Nm route Cm add 1976operation. 1977For example: 1978.Bd -literal 1979static_routes="mcast gif0local" 1980route_mcast="-net 224.0.0.0/4 -iface gif0" 1981route_gif0local="-host 169.254.1.1 -iface lo0" 1982.Ed 1983.It Va ipv6_static_routes 1984.Pq Vt str 1985The IPv6 equivalent of 1986.Va static_routes . 1987If not set to 1988.Dq Li NO 1989then for each whitespace separated 1990.Ar element 1991in the value, a 1992.Va ipv6_route_ Ns Aq Ar element 1993variable is assumed to exist 1994whose contents will later be passed to a 1995.Dq Nm route Cm add Fl inet6 1996operation. 1997.It Va natm_static_routes 1998.Pq Vt str 1999The 2000.Xr natmip 4 2001equivalent of 2002.Va static_routes . 2003If not empty then for each whitespace separated 2004.Ar element 2005in the value, a 2006.Va route_ Ns Aq Ar element 2007variable is assumed to exist whose contents will later be passed to a 2008.Dq Nm atmconfig Cm natm Cm add 2009operation. 2010.It Va gateway_enable 2011.Pq Vt bool 2012If set to 2013.Dq Li YES , 2014configure host to act as an IP router, e.g.\& to forward packets 2015between interfaces. 2016.It Va ipv6_gateway_enable 2017.Pq Vt bool 2018The IPv6 equivalent of 2019.Va gateway_enable . 2020.It Va router_enable 2021.Pq Vt bool 2022If set to 2023.Dq Li YES , 2024run a routing daemon of some sort, based on the 2025settings of 2026.Va router 2027and 2028.Va router_flags . 2029.It Va ipv6_router_enable 2030.Pq Vt bool 2031The IPv6 equivalent of 2032.Va router_enable . 2033If set to 2034.Dq Li YES , 2035run a routing daemon of some sort, based on the 2036settings of 2037.Va ipv6_router 2038and 2039.Va ipv6_router_flags . 2040.It Va router 2041.Pq Vt str 2042If 2043.Va router_enable 2044is set to 2045.Dq Li YES , 2046this is the name of the routing daemon to use. 2047.It Va ipv6_router 2048.Pq Vt str 2049The IPv6 equivalent of 2050.Va router . 2051.It Va router_flags 2052.Pq Vt str 2053If 2054.Va router_enable 2055is set to 2056.Dq Li YES , 2057these are the flags to pass to the routing daemon. 2058.It Va ipv6_router_flags 2059.Pq Vt str 2060The IPv6 equivalent of 2061.Va router_flags . 2062.It Va mrouted_enable 2063.Pq Vt bool 2064If set to 2065.Dq Li YES , 2066run the multicast routing daemon, 2067.Xr mrouted 8 . 2068.It Va mroute6d_enable 2069.Pq Vt bool 2070The IPv6 equivalent of 2071.Va mrouted_enable . 2072If set to 2073.Dq Li YES , 2074run the IPv6 multicast routing daemon. 2075Note that no IPv6 multicast routing daemon is included in the 2076.Fx 2077base system but 2078.Xr pim6dd 8 2079can be installed from the 2080.Fx 2081Ports Collection. 2082.It Va mrouted_flags 2083.Pq Vt str 2084If 2085.Va mrouted_enable 2086is set to 2087.Dq Li YES , 2088these are the flags to pass to the 2089.Xr mrouted 8 2090daemon. 2091.It Va mroute6d_flags 2092.Pq Vt str 2093The IPv6 equivalent of 2094.Va mrouted_flags . 2095If 2096.Va mroute6d_enable 2097is set to 2098.Dq Li YES , 2099these are the flags passed to the IPv6 multicast routing daemon. 2100.It Va mroute6d_program 2101.Pq Vt str 2102If 2103.Va mroute6d_enable 2104is set to 2105.Dq Li YES , 2106this is the path to the IPv6 multicast routing daemon. 2107.It Va rtadvd_enable 2108.Pq Vt bool 2109If set to 2110.Dq Li YES , 2111run the 2112.Xr rtadvd 8 2113daemon at boot time. 2114.Xr rtadvd 8 2115will only run if 2116.Va ipv6_gateway_enable 2117is also set to 2118.Dq Li YES . 2119The 2120.Xr rtadvd 8 2121utility sends router advertisement packets to the interfaces specified in 2122.Va rtadvd_interfaces 2123and should only be enabled with great care. 2124You may want to fine-tune 2125.Xr rtadvd.conf 5 . 2126.It Va rtadvd_interfaces 2127.Pq Vt str 2128If 2129.Va rtadvd_enable 2130is set to 2131.Dq Li YES 2132this is the list of interfaces to use. 2133.It Va ipxgateway_enable 2134.Pq Vt bool 2135If set to 2136.Dq Li YES , 2137enable the routing of IPX traffic. 2138.It Va ipxrouted_enable 2139.Pq Vt bool 2140If set to 2141.Dq Li YES , 2142run the 2143.Xr IPXrouted 8 2144daemon at system boot time. 2145.It Va ipxrouted_flags 2146.Pq Vt str 2147If 2148.Va ipxrouted_enable 2149is set to 2150.Dq Li YES , 2151these are the flags to pass to the 2152.Xr IPXrouted 8 2153daemon. 2154.It Va arpproxy_all 2155.Pq Vt bool 2156If set to 2157.Dq Li YES , 2158enable global proxy ARP. 2159.It Va forward_sourceroute 2160.Pq Vt bool 2161If set to 2162.Dq Li YES 2163and 2164.Va gateway_enable 2165is also set to 2166.Dq Li YES , 2167source-routed packets are forwarded. 2168.It Va accept_sourceroute 2169.Pq Vt bool 2170If set to 2171.Dq Li YES , 2172the system will accept source-routed packets directed at it. 2173.It Va rarpd_enable 2174.Pq Vt bool 2175If set to 2176.Dq Li YES , 2177run the 2178.Xr rarpd 8 2179daemon at system boot time. 2180.It Va rarpd_flags 2181.Pq Vt str 2182If 2183.Va rarpd_enable 2184is set to 2185.Dq Li YES , 2186these are the flags to pass to the 2187.Xr rarpd 8 2188daemon. 2189.It Va bootparamd_enable 2190.Pq Vt bool 2191If set to 2192.Dq Li YES , 2193run the 2194.Xr bootparamd 8 2195daemon at system boot time. 2196.It Va bootparamd_flags 2197.Pq Vt str 2198If 2199.Va bootparamd_enable 2200is set to 2201.Dq Li YES , 2202these are the flags to pass to the 2203.Xr bootparamd 8 2204daemon. 2205.It Va stf_interface_ipv4addr 2206.Pq Vt str 2207If not set to 2208.Dq Li NO , 2209this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2210interface). 2211Specify this entry to enable the 6to4 interface. 2212.It Va stf_interface_ipv4plen 2213.Pq Vt int 2214Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2215An effective value is 0-31. 2216.It Va stf_interface_ipv6_ifid 2217.Pq Vt str 2218IPv6 interface ID for 2219.Xr stf 4 . 2220This can be set to 2221.Dq Li AUTO . 2222.It Va stf_interface_ipv6_slaid 2223.Pq Vt str 2224IPv6 Site Level Aggregator for 2225.Xr stf 4 . 2226.It Va ipv6_faith_prefix 2227.Pq Vt str 2228If not set to 2229.Dq Li NO , 2230this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2231translator. 2232You also need 2233.Xr faithd 8 2234setup. 2235.It Va ipv6_ipv4mapping 2236.Pq Vt bool 2237If set to 2238.Dq Li YES 2239this enables IPv4 mapped IPv6 address communication (like 2240.Li ::ffff:a.b.c.d ) . 2241.It Va atm_enable 2242.Pq Vt bool 2243Set to 2244.Dq Li YES 2245to enable the configuration of ATM interfaces at system boot time. 2246For all of the ATM variables described below, please refer to the 2247.Xr atm 8 2248manual page for further details on the available command parameters. 2249Also refer to the files in 2250.Pa /usr/share/examples/atm 2251for more detailed configuration information. 2252.It Va atm_load 2253.Pq Vt str 2254This is a list of physical ATM interface drivers to load. 2255Typical values are 2256.Dq Li hfa_pci 2257and/or 2258.Dq Li hea_pci . 2259.It Va atm_netif_ Ns Aq Ar intf 2260.Pq Vt str 2261For the ATM physical interface 2262.Ar intf , 2263this variable defines the name prefix and count for the ATM network 2264interfaces to be created. 2265The value will be passed as the parameters of an 2266.Dq Nm atm Cm "set netif" Ar intf 2267command. 2268.It Va atm_sigmgr_ Ns Aq Ar intf 2269.Pq Vt str 2270For the ATM physical interface 2271.Ar intf , 2272this variable defines the ATM signalling manager to be used. 2273The value will be passed as the parameters of an 2274.Dq Nm atm Cm attach Ar intf 2275command. 2276.It Va atm_prefix_ Ns Aq Ar intf 2277.Pq Vt str 2278For the ATM physical interface 2279.Ar intf , 2280this variable defines the NSAP prefix for interfaces using a UNI signalling 2281manager. 2282If set to 2283.Dq Li ILMI , 2284the prefix will automatically be set via the 2285.Xr ilmid 8 2286daemon. 2287Otherwise, the value will be passed as the parameters of an 2288.Dq Nm atm Cm "set prefix" Ar intf 2289command. 2290.It Va atm_macaddr_ Ns Aq Ar intf 2291.Pq Vt str 2292For the ATM physical interface 2293.Ar intf , 2294this variable defines the MAC address for interfaces using a UNI signalling 2295manager. 2296If set to 2297.Dq Li NO , 2298the hardware MAC address contained in the ATM interface card will be used. 2299Otherwise, the value will be passed as the parameters of an 2300.Dq Nm atm Cm "set mac" Ar intf 2301command. 2302.It Va atm_arpserver_ Ns Aq Ar netif 2303.Pq Vt str 2304For the ATM network interface 2305.Ar netif , 2306this variable defines the ATM address for a host which is to provide ATMARP 2307service. 2308This variable is only applicable to interfaces using a UNI signalling 2309manager. 2310If set to 2311.Dq Li local , 2312this host will become an ATMARP server. 2313The value will be passed as the parameters of an 2314.Dq Nm atm Cm "set arpserver" Ar netif 2315command. 2316.It Va atm_scsparp_ Ns Aq Ar netif 2317.Pq Vt bool 2318If set to 2319.Dq Li YES , 2320SCSP/ATMARP service for the network interface 2321.Ar netif 2322will be initiated using the 2323.Xr scspd 8 2324and 2325.Xr atmarpd 8 2326daemons. 2327This variable is only applicable if 2328.Va atm_arpserver_ Ns Aq Ar netif 2329is set to 2330.Dq Li local . 2331.It Va atm_pvcs 2332.Pq Vt str 2333Set to the list of ATM PVCs to be added at system 2334boot time. 2335For each whitespace separated 2336.Ar element 2337in the value, an 2338.Va atm_pvc_ Ns Aq Ar element 2339variable is assumed to exist. 2340The value of each of these variables 2341will be passed as the parameters of an 2342.Dq Nm atm Cm "add pvc" 2343command. 2344.It Va atm_arps 2345.Pq Vt str 2346Set to the list of permanent ATM ARP entries to be added 2347at system boot time. 2348For each whitespace separated 2349.Ar element 2350in the value, an 2351.Va atm_arp_ Ns Aq Ar element 2352variable is assumed to exist. 2353The value of each of these variables 2354will be passed as the parameters of an 2355.Dq Nm atm Cm "add arp" 2356command. 2357.It Va natm_interfaces 2358.Pq Vt str 2359Set to the list of 2360.Xr natm 4 2361interfaces that will also be used for HARP through 2362.Xr harp 4 . 2363If this list is not empty all interfaces in the list will be brought up 2364with 2365.Xr ifconfig 8 2366and 2367.Xr harp 4 2368will be loaded. 2369For this to work the interface drivers must be either compiled into the 2370kernel or must reside on the root partition. 2371.It Va keybell 2372.Pq Vt str 2373The keyboard bell sound. 2374Set to 2375.Dq Li normal , 2376.Dq Li visual , 2377.Dq Li off , 2378or 2379.Dq Li NO 2380if the default behavior is desired. 2381For details, refer to the 2382.Xr kbdcontrol 1 2383manpage. 2384.It Va keyboard 2385.Pq Vt str 2386If set to a non-null string, the virtual console's keyboard input is 2387set to this device. 2388.It Va keymap 2389.Pq Vt str 2390If set to 2391.Dq Li NO , 2392no keymap is installed, otherwise the value is used to install 2393the keymap file in 2394.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2395.It Va keyrate 2396.Pq Vt str 2397The keyboard repeat speed. 2398Set to 2399.Dq Li slow , 2400.Dq Li normal , 2401.Dq Li fast , 2402or 2403.Dq Li NO 2404if the default behavior is desired. 2405.It Va keychange 2406.Pq Vt str 2407If not set to 2408.Dq Li NO , 2409attempt to program the function keys with the value. 2410The value should 2411be a single string of the form: 2412.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2413.It Va cursor 2414.Pq Vt str 2415Can be set to the value of 2416.Dq Li normal , 2417.Dq Li blink , 2418.Dq Li destructive , 2419or 2420.Dq Li NO 2421to set the cursor behavior explicitly or choose the default behavior. 2422.It Va scrnmap 2423.Pq Vt str 2424If set to 2425.Dq Li NO , 2426no screen map is installed, otherwise the value is used to install 2427the screen map file in 2428.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2429.It Va font8x16 2430.Pq Vt str 2431If set to 2432.Dq Li NO , 2433the default 8x16 font value is used for screen size requests, otherwise 2434the value in 2435.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2436is used. 2437.It Va font8x14 2438.Pq Vt str 2439If set to 2440.Dq Li NO , 2441the default 8x14 font value is used for screen size requests, otherwise 2442the value in 2443.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2444is used. 2445.It Va font8x8 2446.Pq Vt str 2447If set to 2448.Dq Li NO , 2449the default 8x8 font value is used for screen size requests, otherwise 2450the value in 2451.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2452is used. 2453.It Va blanktime 2454.Pq Vt int 2455If set to 2456.Dq Li NO , 2457the default screen blanking interval is used, otherwise it is set 2458to 2459.Ar value 2460seconds. 2461.It Va saver 2462.Pq Vt str 2463If not set to 2464.Dq Li NO , 2465this is the actual screen saver to use 2466.Li ( blank , snake , daemon , 2467etc). 2468.It Va moused_nondefault_enable 2469.Pq Vt str 2470If set to 2471.Dq Li NO , 2472the mouse device specified on 2473the command line is not automatically treated as enabled by the 2474.Pa /etc/rc.d/moused 2475script. 2476Having this variable set to 2477.Dq Li YES 2478allows a 2479.Xr usb 4 2480mouse, 2481for example, 2482to be enabled as soon as it is plugged in. 2483.It Va moused_enable 2484.Pq Vt str 2485If set to 2486.Dq Li YES , 2487the 2488.Xr moused 8 2489daemon is started for doing cut/paste selection on the console. 2490.It Va moused_type 2491.Pq Vt str 2492This is the protocol type of the mouse connected to this host. 2493This variable must be set if 2494.Va moused_enable 2495is set to 2496.Dq Li YES . 2497The 2498.Xr moused 8 2499daemon 2500is able to detect the appropriate mouse type automatically in many cases. 2501Set this variable to 2502.Dq Li auto 2503to let the daemon detect it, or 2504select one from the following list if the automatic detection fails. 2505.Pp 2506If the mouse is attached to the PS/2 mouse port, choose 2507.Dq Li auto 2508or 2509.Dq Li ps/2 , 2510regardless of the brand and model of the mouse. 2511Likewise, if the 2512mouse is attached to the bus mouse port, choose 2513.Dq Li auto 2514or 2515.Dq Li busmouse . 2516All other protocols are for serial mice and will not work with 2517the PS/2 and bus mice. 2518If this is a USB mouse, 2519.Dq Li auto 2520is the only protocol type which will work. 2521.Pp 2522.Bl -tag -width ".Li x10mouseremote" -compact 2523.It Li microsoft 2524Microsoft mouse (serial) 2525.It Li intellimouse 2526Microsoft IntelliMouse (serial) 2527.It Li mousesystems 2528Mouse systems Corp.\& mouse (serial) 2529.It Li mmseries 2530MM Series mouse (serial) 2531.It Li logitech 2532Logitech mouse (serial) 2533.It Li busmouse 2534A bus mouse 2535.It Li mouseman 2536Logitech MouseMan and TrackMan (serial) 2537.It Li glidepoint 2538ALPS GlidePoint (serial) 2539.It Li thinkingmouse 2540Kensington ThinkingMouse (serial) 2541.It Li ps/2 2542PS/2 mouse 2543.It Li mmhittab 2544MM HitTablet (serial) 2545.It Li x10mouseremote 2546X10 MouseRemote (serial) 2547.It Li versapad 2548Interlink VersaPad (serial) 2549.El 2550.Pp 2551Even if the mouse is not in the above list, it may be compatible 2552with one in the list. 2553Refer to the manual page for 2554.Xr moused 8 2555for compatibility information. 2556.Pp 2557It should also be noted that while this is enabled, any 2558other client of the mouse (such as an X server) should access 2559the mouse through the virtual mouse device, 2560.Pa /dev/sysmouse , 2561and configure it as a 2562.Dq Li sysmouse 2563type mouse, since all 2564mouse data is converted to this single canonical format when 2565using 2566.Xr moused 8 . 2567If the client program does not support the 2568.Dq Li sysmouse 2569type, 2570specify the 2571.Dq Li mousesystems 2572type. 2573It is the second preferred type. 2574.It Va moused_port 2575.Pq Vt str 2576If 2577.Va moused_enable 2578is set to 2579.Dq Li YES , 2580this is the actual port the mouse is on. 2581It might be 2582.Pa /dev/cuad0 2583for a COM1 serial mouse, 2584.Pa /dev/psm0 2585for a PS/2 mouse or 2586.Pa /dev/mse0 2587for a bus mouse, for example. 2588.It Va moused_flags 2589.Pq Vt str 2590If 2591.Va moused_type 2592is set, these are the additional flags to pass to the 2593.Xr moused 8 2594daemon. 2595.It Va mousechar_start 2596.Pq Vt int 2597If set to 2598.Dq Li NO , 2599the default mouse cursor character range 2600.Li 0xd0 Ns - Ns Li 0xd3 2601is used, 2602otherwise the range start is set 2603to 2604.Ar value 2605character, see 2606.Xr vidcontrol 1 . 2607Use if the default range is occupied in the language code table. 2608.It Va allscreens_flags 2609.Pq Vt str 2610If set, 2611.Xr vidcontrol 1 2612is run with these options for each of the virtual terminals 2613.Pq Pa /dev/ttyv* . 2614For example, 2615.Dq Fl m Cm on 2616will enable the mouse pointer on all virtual terminals 2617if 2618.Va moused_enable 2619is set to 2620.Dq Li YES . 2621.It Va allscreens_kbdflags 2622.Pq Vt str 2623If set, 2624.Xr kbdcontrol 1 2625is run with these options for each of the virtual terminals 2626.Pq Pa /dev/ttyv* . 2627For example, 2628.Dq Fl h Li 200 2629will set the 2630.Xr syscons 4 2631scrollback (history) buffer to 200 lines. 2632.It Va cron_enable 2633.Pq Vt bool 2634If set to 2635.Dq Li YES , 2636run the 2637.Xr cron 8 2638daemon at system boot time. 2639.It Va cron_program 2640.Pq Vt str 2641Path to 2642.Xr cron 8 2643(default 2644.Pa /usr/sbin/cron ) . 2645.It Va cron_flags 2646.Pq Vt str 2647If 2648.Va cron_enable 2649is set to 2650.Dq Li YES , 2651these are the flags to pass to 2652.Xr cron 8 . 2653.It Va cron_dst 2654.Pq Vt bool 2655If set to 2656.Dq Li YES , 2657enable the special handling of transitions to and from the 2658Daylight Saving Time in 2659.Xr cron 8 2660(equivalent to using the flag 2661.Fl s ) . 2662.It Va lpd_program 2663.Pq Vt str 2664Path to 2665.Xr lpd 8 2666(default 2667.Pa /usr/sbin/lpd ) . 2668.It Va lpd_enable 2669.Pq Vt bool 2670If set to 2671.Dq Li YES , 2672run the 2673.Xr lpd 8 2674daemon at system boot time. 2675.It Va lpd_flags 2676.Pq Vt str 2677If 2678.Va lpd_enable 2679is set to 2680.Dq Li YES , 2681these are the flags to pass to the 2682.Xr lpd 8 2683daemon. 2684.It Va chkprintcap_enable 2685.Pq Vt bool 2686If set to 2687.Dq Li YES , 2688run the 2689.Xr chkprintcap 8 2690command before starting the 2691.Xr lpd 8 2692daemon. 2693.It Va chkprintcap_flags 2694.Pq Vt str 2695If 2696.Va lpd_enable 2697and 2698.Va chkprintcap_enable 2699are set to 2700.Dq Li YES , 2701these are the flags to pass to the 2702.Xr chkprintcap 8 2703program. 2704The default is 2705.Dq Li -d , 2706which causes missing directories to be created. 2707.It Va mta_start_script 2708.Pq Vt str 2709This variable specifies the full path to the script to run to start 2710a mail transfer agent. 2711The default is 2712.Pa /etc/rc.sendmail . 2713The 2714.Va sendmail_* 2715variables which 2716.Pa /etc/rc.sendmail 2717uses are documented in the 2718.Xr rc.sendmail 8 2719manual page. 2720.It Va dumpdev 2721.Pq Vt str 2722Indicates the device (usually a swap partition) to which a crash dump 2723should be written in the event of a system crash. 2724If the value of this variable is 2725.Dq Li AUTO , 2726the first suitable swap device listed in 2727.Pa /etc/fstab 2728will be used as dump device. 2729Otherwise, the value of this variable is passed as the argument to 2730.Xr dumpon 8 . 2731To disable crash dumps, set this variable to 2732.Dq Li NO . 2733.It Va dumpdir 2734.Pq Vt str 2735When the system reboots after a crash and a crash dump is found on the 2736device specified by the 2737.Va dumpdev 2738variable, 2739.Xr savecore 8 2740will save that crash dump and a copy of the kernel to the directory 2741specified by the 2742.Va dumpdir 2743variable. 2744The default value is 2745.Pa /var/crash . 2746Set to 2747.Dq Li NO 2748to not run 2749.Xr savecore 8 2750at boot time when 2751.Va dumpdir 2752is set. 2753.It Va savecore_flags 2754.Pq Vt str 2755If crash dumps are enabled, these are the flags to pass to the 2756.Xr savecore 8 2757utility. 2758.It Va enable_quotas 2759.Pq Vt bool 2760Set to 2761.Dq Li YES 2762to turn on user disk quotas on system startup via the 2763.Xr quotaon 8 2764command. 2765.It Va check_quotas 2766.Pq Vt bool 2767Set to 2768.Dq Li YES 2769to enable user disk quota checking via the 2770.Xr quotacheck 8 2771command. 2772.It Va accounting_enable 2773.Pq Vt bool 2774Set to 2775.Dq Li YES 2776to enable system accounting through the 2777.Xr accton 8 2778facility. 2779.It Va ibcs2_enable 2780.Pq Vt bool 2781Set to 2782.Dq Li YES 2783to enable iBCS2 (SCO) binary emulation at system initial boot 2784time. 2785.It Va ibcs2_loaders 2786.Pq Vt str 2787If not set to 2788.Dq Li NO 2789and if 2790.Va ibcs2_enable 2791is set to 2792.Dq Li YES , 2793this specifies a list of additional iBCS2 loaders to enable. 2794.It Va linux_enable 2795.Pq Vt bool 2796Set to 2797.Dq Li YES 2798to enable Linux/ELF binary emulation at system initial 2799boot time. 2800.It Va svr4_enable 2801.Pq Vt bool 2802If set to 2803.Dq Li YES , 2804enable SysVR4 emulation at boot time. 2805.It Va sysvipc_enable 2806.Pq Vt bool 2807If set to 2808.Dq Li YES , 2809load System V IPC primitives at boot time. 2810.It Va clear_tmp_enable 2811.Pq Vt bool 2812Set to 2813.Dq Li YES 2814to have 2815.Pa /tmp 2816cleaned at startup. 2817.It Va clear_tmp_X 2818.Pq Vt bool 2819Set to 2820.Dq Li NO 2821to disable removing of X11 lock files, 2822and the removal and (secure) recreation 2823of the various socket directories for X11 2824related programs. 2825.It Va ldconfig_paths 2826.Pq Vt str 2827Set to the list of shared library paths to use with 2828.Xr ldconfig 8 . 2829NOTE: 2830.Pa /usr/lib 2831will always be added first, so it need not appear in this list. 2832.It Va ldconfig32_paths 2833.Pq Vt str 2834Set to the list of 32-bit compatibility shared library paths to 2835use with 2836.Xr ldconfig 8 . 2837.It Va ldconfig_paths_aout 2838.Pq Vt str 2839Set to the list of shared library paths to use with 2840.Xr ldconfig 8 2841legacy 2842.Xr a.out 5 2843support. 2844.It Va ldconfig_insecure 2845.Pq Vt bool 2846The 2847.Xr ldconfig 8 2848utility normally refuses to use directories 2849which are writable by anyone except root. 2850Set this variable to 2851.Dq Li YES 2852to disable that security check during system startup. 2853.It Va ldconfig_local_dirs 2854.Pq Vt str 2855Set to the list of local 2856.Xr ldconfig 8 2857directories. 2858The names of all files in the directories listed will be 2859passed as arguments to 2860.Xr ldconfig 8 . 2861.It Va ldconfig_local32_dirs 2862.Pq Vt str 2863Set to the list of local 32-bit compatibility 2864.Xr ldconfig 8 2865directories. 2866The names of all files in the directories listed will be 2867passed as arguments to 2868.Xr ldconfig 8 2869.Fl 32 . 2870.It Va kern_securelevel_enable 2871.Pq Vt bool 2872Set to 2873.Dq Li YES 2874to set the kernel security level at system startup. 2875.It Va kern_securelevel 2876.Pq Vt int 2877The kernel security level to set at startup. 2878The allowed range of 2879.Ar value 2880ranges from \-1 (the compile time default) to 3 (the 2881most secure). 2882See 2883.Xr init 8 2884for the list of possible security levels and their effect 2885on system operation. 2886.It Va sshd_program 2887.Pq Vt str 2888Path to the SSH server program 2889.Pa ( /usr/sbin/sshd 2890is the default). 2891.It Va sshd_enable 2892.Pq Vt bool 2893Set to 2894.Dq Li YES 2895to start 2896.Xr sshd 8 2897at system boot time. 2898.It Va sshd_flags 2899.Pq Vt str 2900If 2901.Va sshd_enable 2902is set to 2903.Dq Li YES , 2904these are the flags to pass to the 2905.Xr sshd 8 2906daemon. 2907.It Va ftpd_program 2908.Pq Vt str 2909Path to the FTP server program 2910.Pa ( /usr/libexec/ftpd 2911is the default). 2912.It Va ftpd_enable 2913.Pq Vt bool 2914Set to 2915.Dq Li YES 2916to start 2917.Xr ftpd 8 2918as a stand-alone daemon at system boot time. 2919.It Va ftpd_flags 2920.Pq Vt str 2921If 2922.Va ftpd_enable 2923is set to 2924.Dq Li YES , 2925these are the additional flags to pass to the 2926.Xr ftpd 8 2927daemon. 2928.It Va watchdogd_enable 2929.Pq Vt bool 2930If set to 2931.Dq Li YES , 2932start the 2933.Xr watchdogd 8 2934daemon at boot time. 2935This requires that the kernel have been compiled with a 2936.Xr watchdog 4 2937compatible device. 2938.It Va watchdogd_flags 2939.Pq Vt str 2940If 2941.Va watchdogd_enable 2942is set to 2943.Dq Li YES , 2944these are the flags passed to the 2945.Xr watchdogd 8 2946daemon. 2947.It Va performance_cx_lowest 2948.Pq Vt str 2949CPU idle state to use while on AC power. 2950The string 2951.Dq Li LOW 2952indicates that 2953.Xr acpi 4 2954should use the lowest power state available while 2955.Dq Li HIGH 2956indicates that the lowest latency state (less power savings) should be used. 2957.It Va performance_cpu_freq 2958.Pq Vt str 2959CPU clock frequency to use while on AC power. 2960The string 2961.Dq Li LOW 2962indicates that 2963.Xr cpufreq 4 2964should use the lowest frequency available while 2965.Dq Li HIGH 2966indicates that the highest frequency (less power savings) should be used. 2967.It Va economy_cx_lowest 2968.Pq Vt str 2969CPU idle state to use when off AC power. 2970The string 2971.Dq Li LOW 2972indicates that 2973.Xr acpi 4 2974should use the lowest power state available while 2975.Dq Li HIGH 2976indicates that the lowest latency state (less power savings) should be used. 2977.It Va economy_cpu_freq 2978.Pq Vt str 2979CPU clock frequency to use when off AC power. 2980The string 2981.Dq Li LOW 2982indicates that 2983.Xr cpufreq 4 2984should use the lowest frequency available while 2985.Dq Li HIGH 2986indicates that the highest frequency (less power savings) should be used. 2987.It Va jail_enable 2988.Pq Vt bool 2989If set to 2990.Dq Li NO , 2991any configured jails will not be started. 2992.It Va jail_list 2993.Pq Vt str 2994A space separated list of names for jails. 2995This is purely a configuration aid to help identify and 2996configure multiple jails. 2997The names specified in this list will be used to 2998identify settings common to an instance of a jail. 2999Assuming that the jail in question was named 3000.Li vjail , 3001you would have the following dependent variables: 3002.Bd -literal 3003jail_vjail_hostname="jail.example.com" 3004jail_vjail_ip="192.168.1.100" 3005jail_vjail_rootdir="/var/jails/vjail/root" 3006.Ed 3007.Pp 3008.It Va jail_flags 3009.Pq Vt str 3010Unset by default. 3011When set, use as default value for 3012.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3013for every jail in 3014.Va jail_list . 3015.It Va jail_interface 3016.Pq Vt str 3017Unset by default. 3018When set, use as default value for 3019.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3020for every jail in 3021.Va jail_list . 3022.It Va jail_fstab 3023.Pq Vt str 3024Unset by default. 3025When set, use as default value for 3026.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3027for every jail in 3028.Va jail_list . 3029.It Va jail_mount_enable 3030.Pq Vt bool 3031Set to 3032.Dq Li NO 3033by default. 3034When set to 3035.Dq Li YES , 3036sets 3037.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3038to YES by default for every jail in 3039.Va jail_list . 3040.It Va jail_devfs_ruleset 3041.Pq Vt str 3042Unset by default. 3043When set, sets 3044.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3045to given value for every jail in 3046.Va jail_list . 3047.It Va jail_devfs_enable 3048.Pq Vt bool 3049Set to 3050.Dq Li NO 3051by default. 3052When set to 3053.Dq Li YES , 3054sets 3055.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3056to YES by default for every jail in 3057.Va jail_list . 3058.It Va jail_fdescfs_enable 3059.Pq Vt bool 3060Set to 3061.Dq Li NO 3062by default. 3063When set to 3064.Dq Li YES , 3065sets 3066.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3067to YES by default for every jail in 3068.Va jail_list . 3069.It Va jail_procfs_enable 3070.Pq Vt bool 3071Set to 3072.Dq Li NO 3073by default. 3074When set to 3075.Dq Li YES , 3076sets 3077.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3078to YES by default for every jail in 3079.Va jail_list . 3080.It Va jail_exec_start 3081.Pq Vt str 3082Unset by default. 3083When set, use as default value for 3084.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3085for every jail in 3086.Va jail_list . 3087.It Va jail_exec_afterstart Ns Aq Ar N 3088.Pq Vt str 3089Unset by default. 3090When set, use as default value for 3091.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3092for every jail in 3093.Va jail_list . 3094.It Va jail_exec_stop 3095Unset by default. 3096When set, use as default value for 3097.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3098for every jail in 3099.Va jail_list . 3100.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3101.Pq Vt str 3102Unset by default. 3103Set to the root directory used by jail 3104.Va jname . 3105.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3106.Pq Vt str 3107Unset by default. 3108Set to the fully qualified domain name (FQDN) assigned to jail 3109.Va jname . 3110.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3111.Pq Vt str 3112Unset by default. 3113Set to the IP address assigned to jail 3114.Va jname . 3115.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3116.Pq Vt str 3117Set to 3118.Dq Li -l -U root 3119by default. 3120These are flags to pass to 3121.Xr jail . 3122.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3123.Pq Vt str 3124Unset by default. 3125When set, sets the interface to use when setting IP address alias. 3126Note that the alias is created at jail startup and removed at jail shutdown. 3127.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3128.Pq Vt str 3129Set to 3130.Pa /etc/fstab. Ns Ao Ar jname Ac 3131by default. 3132This is the file system information file to use for jail 3133.Va jname . 3134.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3135.Pq Vt bool 3136Set to 3137.Dq Li NO 3138by default. 3139When set to 3140.Dq Li YES , 3141mount all file systems from 3142.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3143at jail startup. 3144.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3145.Pq Vt str 3146Unset by default. 3147When set, defines the device file system ruleset file to use for jail 3148.Va jname . 3149.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3150.Pq Vt bool 3151Set to 3152.Dq Li NO 3153by default. 3154When set to 3155.Dq Li YES , 3156mount the device file system inside jail 3157.Ar jname 3158at jail startup. 3159.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3160.Pq Vt bool 3161Set to 3162.Dq Li NO 3163by default. 3164When set to 3165.Dq Li YES , 3166mount the file-descriptor file system inside jail 3167.Ar jname 3168at jail startup. 3169.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3170.Pq Vt bool 3171Set to 3172.Dq Li NO 3173by default. 3174When set to 3175.Dq Li YES , 3176mount the process file system inside jail 3177.Ar jname 3178at jail startup. 3179.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3180.Pq Vt str 3181Set to 3182.Dq Li /bin/sh /etc/rc 3183by default. 3184This is the command executed at jail startup. 3185.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3186.Pq Vt str 3187Unset by default. 3188This is the command run as 3189.Ar N Ns 3190th command 3191after jail startup, where 3192.Ar N 3193is 1, 2, and so on. 3194.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3195.Pq Vt str 3196Set to 3197.Dq Li /bin/sh /etc/rc.shutdown 3198by default. 3199This is the command executed at jail shutdown. 3200.It Va jail_set_hostname_allow 3201.Pq Vt bool 3202If set to 3203.Dq Li NO , 3204do not allow the root user in a jail to set its hostname. 3205.It Va jail_socket_unixiproute_only 3206.Pq Vt bool 3207If set to 3208.Dq Li YES , 3209do not allow any sockets, 3210besides UNIX/IP/route sockets, 3211to be used within a jail. 3212.It Va jail_sysvipc_allow 3213.Pq Vt bool 3214If set to 3215.Dq Li YES , 3216allow applications within a jail to use System V IPC. 3217.\" ----- ISDN settings --------------------------------- 3218.It Va isdn_enable 3219.Pq Vt bool 3220Set to 3221.Dq Li NO 3222by default. 3223When set to 3224.Dq Li YES , 3225starts the 3226.Xr isdnd 8 3227daemon 3228at system boot time. 3229.It Va isdn_flags 3230.Pq Vt str 3231Set to 3232.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3233by default. 3234Additional flags to pass to 3235.Xr isdnd 8 3236(but see 3237.Va isdn_fsdev 3238and 3239.Va isdn_ttype 3240for certain tunable parameters). 3241.It Va isdn_ttype 3242.Pq Vt str 3243Set to 3244.Dq Li cons25 3245by default. 3246The terminal type of the output device when 3247.Xr isdnd 8 3248operates in full-screen mode. 3249.It Va isdn_screenflags 3250.Pq Vt str 3251Set to 3252.Dq Li NO 3253by default. 3254The video mode for full-screen mode (only for 3255.Xr syscons 4 3256console driver, see 3257.Xr vidcontrol 1 3258for valid modes). 3259.It Va isdn_fsdev 3260.Pq Vt str 3261Set to 3262.Dq Li NO 3263by default. 3264The output device for 3265.Xr isdnd 8 3266in full-screen mode (or 3267.Dq Li NO 3268for daemon mode). 3269.It Va isdn_trace 3270.Pq Vt bool 3271Set to 3272.Dq Li NO 3273by default. 3274When set to 3275.Dq Li YES , 3276enables the ISDN protocol trace utility 3277.Xr isdntrace 8 3278at system boot time. 3279.It Va isdn_traceflags 3280.Pq Vt str 3281Set to 3282.Dq Fl f Pa /var/tmp/isdntrace0 3283by default. 3284Flags for 3285.Xr isdntrace 8 . 3286.\" ----------------------------------------------------- 3287.It Va harvest_interrupt 3288.Pq Vt bool 3289Set to 3290.Dq Li YES 3291to use hardware interrupts as an entropy source. 3292Refer to 3293.Xr random 4 3294for more information. 3295.It Va harvest_ethernet 3296.Pq Vt bool 3297Set to 3298.Dq Li YES 3299to use LAN traffic as an entropy source. 3300Refer to 3301.Xr random 4 3302for more information. 3303.It Va harvest_p_to_p 3304.Pq Vt bool 3305Set to 3306.Dq Li YES 3307to use serial line traffic as an entropy source. 3308Refer to 3309.Xr random 4 3310for more information. 3311.It Va entropy_dir 3312.Pq Vt str 3313Set to 3314.Dq Li NO 3315to disable caching entropy via 3316.Xr cron 8 . 3317Otherwise set to the directory used to store entropy files in. 3318.It Va entropy_file 3319.Pq Vt str 3320Set to 3321.Dq Li NO 3322to disable caching entropy through reboots. 3323Otherwise set to the filename used to store cached entropy through 3324reboots. 3325This file should be located on the root file system to seed the 3326.Xr random 4 3327device as early as possible in the boot process. 3328.It Va entropy_save_sz 3329.Pq Vt int 3330Size of the entropy cache files saved by 3331.Nm save-entropy 3332periodically. 3333.It Va entropy_save_num 3334.Pq Vt int 3335Number of entropy cache files to save by 3336.Nm save-entropy 3337periodically. 3338.It Va ipsec_enable 3339.Pq Vt bool 3340Set to 3341.Dq Li YES 3342to run 3343.Xr setkey 8 3344on 3345.Va ipsec_file 3346at boot time. 3347.It Va ipsec_file 3348.Pq Vt str 3349Configuration file for 3350.Xr setkey 8 . 3351.It Va dmesg_enable 3352.Pq Vt bool 3353Set to 3354.Dq Li YES 3355to save 3356.Xr dmesg 8 3357to 3358.Pa /var/run/dmesg.boot 3359on boot. 3360.It Va rcshutdown_timeout 3361.Pq Vt int 3362If set, start a watchdog timer in the background which will terminate 3363.Pa rc.shutdown 3364if 3365.Xr shutdown 8 3366has not completed within the specified time (in seconds). 3367Notice that in addition to this soft timeout, 3368.Xr init 8 3369also applies a hard timeout for the execution of 3370.Pa rc.shutdown . 3371This is configured via 3372.Xr sysctl 8 3373variable 3374.Va kern.init_shutdown_timeout 3375and defaults to 120 seconds. 3376Setting the value of 3377.Va rcshutdown_timeout 3378to more than 120 seconds will have no effect until the 3379.Xr sysctl 8 3380variable 3381.Va kern.init_shutdown_timeout 3382is also increased. 3383.It Va virecover_enable 3384.Pq Vt bool 3385Set to 3386.Dq Li NO 3387to prevent the system from trying to 3388recover pre-maturely terminated 3389.Xr vi 1 3390sessions. 3391.It Va ugidfw_enable 3392.Pq Vt bool 3393Set to 3394.Dq Li YES 3395to load the 3396.Xr mac_bsdextended 4 3397module upon system initialization and load a default 3398ruleset file. 3399.It Va bsdextended_script 3400.Pq Vt str 3401The default 3402.Xr mac_bsdextended 4 3403ruleset file to load. 3404The default value of this variable is 3405.Pa /etc/rc.bsdextended . 3406.It Va newsyslog_enable 3407.Pq Vt bool 3408If set to 3409.Dq Li YES , 3410run 3411.Xr newsyslog 8 3412command at startup. 3413.It Va newsyslog_flags 3414.Pq Vt str 3415If 3416.Va newsyslog_enable 3417is set to 3418.Dq Li YES , 3419these are the flags to pass to the 3420.Xr newsyslog 8 3421program. 3422The default is 3423.Dq Li -CN , 3424which causes log files flagged with a 3425.Cm C 3426to be created. 3427.It Va mdconfig_md Ns Ao Ar X Ac 3428.Pq Vt str 3429Arguments to 3430.Xr mdconfig 8 3431for 3432.Xr md 4 3433device 3434.Ar X . 3435At minimum a 3436.Fl t Ar type 3437must be specified and either a 3438.Fl s Ar size 3439for malloc or swap backed 3440.Xr md 4 3441devices or a 3442.Fl f Ar file 3443for vnode backed 3444.Xr md 4 3445devices. 3446Note that 3447.Va mdconfig_md Ns Ao Ar X Ac 3448variables are evaluated until one variable is unset or null. 3449.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3450.Pq Vt str 3451Optional arguments passed to 3452.Xr newfs 8 3453to initialize 3454.Xr md 4 3455device 3456.Ar X . 3457.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3458.Pq Vt str 3459An ownership specification passed to 3460.Xr chown 8 3461after the specified 3462.Xr md 4 3463device 3464.Ar X 3465has been mounted. 3466Both the 3467.Xr md 4 3468device and the mount point will be changed. 3469.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3470.Pq Vt str 3471A mode string passed to 3472.Xr chmod 1 3473after the specified 3474.Xr md 4 3475device 3476.Ar X 3477has been mounted. 3478Both the 3479.Xr md 4 3480device and the mount point will be changed. 3481.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3482.Pq Vt str 3483Files to be copied to the mount point of the 3484.Xr md 4 3485device 3486.Ar X 3487after it has been mounted. 3488.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3489.Pq Vt str 3490Command to execute after the specified 3491.Xr md 4 3492device 3493.Ar X 3494has been mounted. 3495Note that the command is passed to 3496.Li eval 3497and that both 3498.Li _dev 3499and 3500.Li _mp 3501variables can be used to reference respectively the 3502.Xr md 4 3503device and the mount point. 3504Assuming that the 3505.Xr md 4 3506device is 3507.Li md0 , 3508one could set the following: 3509.Bd -literal 3510mdconfig_md0_cmd="tar xfzC /var/file.tgz \\${_mp}" 3511.Ed 3512.It Va ramdisk_units 3513.Pq Vt str 3514A list of one or more ramdisk units to configure with 3515.Xr mdconfig 8 3516and 3517.Xr newfs 8 3518in time to be mounted from 3519.Xr fstab 5 . 3520Each listed unit 3521.Ar X 3522must specify at least a 3523.Ar type 3524in a 3525.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3526variable. 3527Note that this way to configure ramdisks has been deprecated 3528in favor of new mdconfig variables (see above). 3529.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3530.Pq Vt str 3531Arguments to 3532.Xr mdconfig 8 3533for ramdisk 3534.Ar X . 3535At minimum a 3536.Fl t Ar type 3537must be specified, where 3538.Ar type 3539must be one of 3540.Cm malloc 3541or 3542.Cm swap . 3543.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3544.Pq Vt str 3545Optional arguments passed to 3546.Xr newfs 8 3547to initialize ramdisk 3548.Ar X . 3549.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3550.Pq Vt str 3551An ownership specification passed to 3552.Xr chown 8 3553after the specified ramdisk unit 3554.Ar X 3555has been mounted. 3556Both the 3557.Xr md 4 3558device and the mount point will be changed. 3559.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3560.Pq Vt str 3561A mode string passed to 3562.Xr chmod 1 3563after the specified ramdisk unit 3564.Ar X 3565has been mounted. 3566Both the 3567.Xr md 4 3568device and the mount point will be changed. 3569.It Va autobridge_interfaces 3570.Pq Vt str 3571Set to the list of bridge interfaces that will have newly arriving interfaces 3572checked against to be automatically added. 3573If not set to 3574.Dq Li NO 3575then for each whitespace separated 3576.Ar element 3577in the value, a 3578.Va autobridge_ Ns Aq Ar element 3579variable is assumed to exist which has a whitespace separated list of interface 3580names to match, these names can use wildcards. 3581For example: 3582.Bd -literal 3583autobridge_interfaces="bridge0" 3584autobridge_bridge0="tap* dc0 vlan[345]" 3585.Ed 3586.El 3587.Sh FILES 3588.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3589.It Pa /etc/defaults/rc.conf 3590.It Pa /etc/rc.conf 3591.It Pa /etc/rc.conf.local 3592.El 3593.Sh SEE ALSO 3594.Xr catman 1 , 3595.Xr chmod 1 , 3596.Xr gdb 1 , 3597.Xr info 1 , 3598.Xr kbdcontrol 1 , 3599.Xr makewhatis 1 , 3600.Xr sh 1 , 3601.Xr vi 1 , 3602.Xr vidcontrol 1 , 3603.Xr bridge 4 , 3604.Xr ip 4 , 3605.Xr ipf 4 , 3606.Xr ipfw 4 , 3607.Xr ipnat 4 , 3608.Xr kld 4 , 3609.Xr pf 4 , 3610.Xr pflog 4 , 3611.Xr pfsync 4 , 3612.Xr tcp 4 , 3613.Xr udp 4 , 3614.Xr exports 5 , 3615.Xr ipf 5 , 3616.Xr ipnat 5 , 3617.Xr motd 5 , 3618.Xr newsyslog.conf 5 , 3619.Xr pf.conf 5 , 3620.Xr accton 8 , 3621.Xr amd 8 , 3622.Xr apm 8 , 3623.Xr atm 8 , 3624.Xr chkprintcap 8 , 3625.Xr chown 8 , 3626.Xr cron 8 , 3627.Xr dhclient 8 , 3628.Xr ftpd 8 , 3629.Xr geli 8 , 3630.Xr ifconfig 8 , 3631.Xr inetd 8 , 3632.Xr ipf 8 , 3633.Xr ipfw 8 , 3634.Xr ipnat 8 , 3635.Xr isdnd 8 , 3636.Xr isdntrace 8 , 3637.Xr jail 8 , 3638.Xr kldxref 8 , 3639.Xr lpd 8 , 3640.Xr mdconfig 8 , 3641.Xr mdmfs 8 , 3642.Xr mountd 8 , 3643.Xr moused 8 , 3644.Xr mrouted 8 , 3645.Xr named 8 , 3646.Xr newfs 8 , 3647.Xr newsyslog 8 , 3648.Xr nfsd 8 , 3649.Xr ntpd 8 , 3650.Xr ntpdate 8 , 3651.Xr pcnfsd 8 , 3652.Xr pfctl 8 , 3653.Xr pflogd 8 , 3654.Xr powerd 8 , 3655.Xr quotacheck 8 , 3656.Xr quotaon 8 , 3657.Xr rc 8 , 3658.Xr rc.sendmail 8 , 3659.Xr route 8 , 3660.Xr routed 8 , 3661.Xr rpcbind 8 , 3662.Xr rpc.lockd 8 , 3663.Xr rpc.statd 8 , 3664.Xr rwhod 8 , 3665.Xr savecore 8 , 3666.Xr sshd 8 , 3667.Xr swapon 8 , 3668.Xr sysctl 8 , 3669.Xr syslogd 8 , 3670.Xr timed 8 , 3671.Xr yp 8 , 3672.Xr ypbind 8 , 3673.Xr ypserv 8 , 3674.Xr ypset 8 3675.Sh HISTORY 3676The 3677.Nm 3678file appeared in 3679.Fx 2.2.2 . 3680.Sh AUTHORS 3681.An Jordan K. Hubbard . 3682